Abstract
Social networks are the bases of the so-called Web 2.0, raising many new challenges to the research community. In particular, the ability of these networks to allow the users to share their own personal information with other people opens new issues concerning privacy and access control. Nowadays the Web has further evolved into the Social Semantic Web where social networks are integrated and enhanced by the use of semantic conceptual models, e.g., the ontologies, where the social information and links among the users become semantic information and links. In this chapter, we discuss which are the benefits of introducing semantics in social network-based access control. In particular, we analyze and detail two approaches to manage the access rights of the social network users relying on Semantic Web languages only, and we highlight, thanks to these two proposals, what are pros and cons of introducing semantics in social networks access control. Finally, we report on the other existing approaches coupling semantics and access control in the context of social networks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
The discussion about the use of named graphs in RDF 1.1 can be found at http://www.w3.org/TR/rdf11-concepts
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
- 18.
- 19.
- 20.
- 21.
- 22.
- 23.
- 24.
The GRAPH keyword is used to match patterns against named graphs.
- 25.
Notice that the client query can be every kind of query defined by the SPARQL 1.1 Query and Update language, e.g., CONSTRUCT, SELECT.
- 26.
- 27.
Concerning accessing inferred statements, Corese-KGRAM allows to know where are the inferred triples. In this way, we can apply to these inferred triples the same access policies that regulate the access to the triples from which these triples have been inferred.
- 28.
- 29.
- 30.
- 31.
- 32.
- 33.
- 34.
- 35.
- 36.
- 37.
- 38.
- 39.
- 40.
- 41.
- 42.
- 43.
- 44.
References
Abel, F., De Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: 6th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4825, pp. 1–14. Springer, Berlin (2007)
Alam, A., Subbiah, G., Thuraisingham, B.M., Khan, L.: Reasoning with semantics-aware access control policies for geospatial web services. In: 3rd ACM Workshop on Secure Web Services (SWS), pp. 69–76. ACM, New York (2006)
Bertino, E., Kirkpatrick, M.S.: Location-aware authentication and access control. In: IEEE 23rd International Conference on Advanced Information Networking and Applications (AINA), pp. 10–15. IEEE Computer Society, Bradford (2009)
Bolchini, C., Curino, C., Quintarelli, E., Schreiber, F.A., Tanca, L.: A data-oriented survey of context models. SIGMOD Rec. 36(4), 19–26 (2007)
Breslin, J., Passant, A., Decker, S.: The Social Semantic Web. Springer, Berlin (2009)
Buffa, M., Faron-Zucker, C.: Ontology-based access rights management. In: Advances in Knowledge Discovery and Management. Studies in Computational Intelligence, vol. 398, pp. 49–61. Springer, Berlin (2012)
Buffa, M., Gandon, F.L., Erétéo, G., Sander, P., Faron, C.: SweetWiki: a semantic wiki. J. Web Semant. 6(1), 84–97 (2008)
Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.M.: Semantic web-based social network access control. Comput. Secur. 30(2–3), 108–115 (2011)
Carroll, J.J., Bizer, C., Hayes, P.J., Stickler, P.: Named graphs. J. Web Semant. 3(4), 247–267 (2005)
Corby, O., Faron-Zucker, C.: The KGRAM abstract machine for knowledge graph querying. In: Web Intelligence, pp. 338–341. IEEE, Toronto (2010)
Corby, O., Dieng-Kuntz, R., Faron-Zucker, C.: Querying the semantic web with Corese search engine. In: 16th European Conference on Artificial Intelligence (ECAI), pp. 705–709. IOS Press, Amsterdam (2004)
Corby, O., Dieng-Kuntz, R., Faron-Zucker, C., Gandon, F.L.: Searching the semantic web: approximate query processing based on ontologies. IEEE Intell. Syst. 21(1), 20–27 (2006)
Corradi, A., Montanari, R., Tibaldi, D.: Context-based access control management in ubiquitous environments. In: 3rd IEEE International Symposium on Network Computing and Applications (NCA), pp. 253–260. IEEE Computer Society, Los Alamitos (2004)
Costabello, L.: DC Proposal: PRISSMA, towards mobile adaptive presentation of the Web of data. In: Doctoral Consortium, 10th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 7032, pp. 269–276. Springer, Berlin (2011)
Costabello, L., Villata, S., Delaforge, N., Gandon, F.L.: Ubiquitous Access Control for SPARQL Endpoints: Lessons Learned and Future Challenges. In: WWW (Companion Volume), pp. 487–488. ACM, New York (2012)
Covington M.J., Sastry, M.R.: A contextual attribute-based access control model. In: Workshops on the Move to Meaningful Internet Systems (OTM). Lecture Notes in Computer Science, vol. 4278, pp. 1996–2006. Springer, Berlin (2006)
Covington, M.J., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 10–20. ACM, New York (2001)
Coyle, K.: Rights management and digital library requirements. Ariadne 40, 125–137 (2004)
Cuppens, F., Cuppens-Boulahia, N.: Modeling contextual security policies. Int. J. Inf. Secur. 7(4), 285–305 (2008)
Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High level conflict management strategies in advanced access control models. Electron. Notes Theor. Comput. Sci. 186, 3–26 (2007)
Dey, A.K.: Understanding and using context. Pers. Ubiquitous Comput. 5(1), 4–7 (2001)
Finin, T.W., Joshi, A., Kagal, L., Niu, J., Sandhu, R.S., Winsborough, W.H., Thuraisingham, B.M.: ROWLBAC: representing role based access control in OWL. In: 13th ACM Symposium on Access Control Models and Technologies, pp. 73–82. ACM, New York (2008)
Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: 3rd Future Internet Symposium (FIS). Lecture Notes in Computer Science, vol. 6369, pp. 107–117. Springer, Berlin (2010)
Giunchiglia, F., Zhang, R., Crispo, B.: Ontology driven community access control. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR Workshop Proceedings (2009)
Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using RDF metadata to enable access control on the social semantic web. In: Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK). CEUR-WS.org (2009)
Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context sensitive access control. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 111–119. ACM, New York (2005)
Khandelwal, A., Bao, J., Kagal, L., Jacobi, I., Ding, L., Hendler, J.A.: Analyzing the AIR language: a semantic web (production) rule language. In: Web Reasoning and Rule Systems, 4th International Conference (RR). Lecture Notes in Computer Science, vol. 6333, pp. 58–72. Springer, Berlin (2010)
Korpipää, P., Mäntyjärvi, J.: An ontology for mobile device sensor-based context awareness. In: Modeling and Using Context, 4th International and Interdisciplinary Conference (CONTEXT). Lecture Notes in Computer Science, vol. 2680, pp. 451–458. Springer, Berlin (2003)
Kruk, S.R.: Extensible Access Control (EAC) Ontology Specification. DERI. http://www.jeromedl.org/eac/1.0/spec/index.html/ (2008)
Kruk, S.R., Cygan, M., Gzella, A.: JeromeDL—semantic and social technologies for improving user experience in digital libraries. In: World Wide Web Conference, WWW 2008. ACM, New York (2008)
Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: 13th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 113–122. ACM, New York (2008)
Lagoze, C., Payette, S., Shin, E., Wilper, C.: Fedora: an architecture for complex objects and their relationships. Int. J. Digit. Libr. 6(2), 124–138 (2006)
Muhleisen, H., Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2010)
Nasirifard, P., Peristeras, V., Hayes, C., Decker, S.: Extracting and utilizing social networks from log files of shared workspaces. In: 10th IFIP Working Conference on Virtual Enterprises, (PRO-VE), pp. 643–650. Springer, Berlin (2009)
Sacco, O., Passant, A.: A privacy preference manager for the social semantic web. In: 2nd Workshop on Semantic Personalized Information Management: Retrieval and Recommendation (SPIM). CEUR Workshop Proceedings (2011)
Sacco, O., Passant, A.: A privacy preference ontology (PPO) for linked data. In: Linked Data on the Web Workshop (LDOW). CEUR-WS.org (2011)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)
Shen, H., Cheng,Y.: A semantic context-based model for mobile web services access control. Int. J. Comput. Netw. Inf. Secur. 3(1), 18–25 (2011)
Story, H., Harbulot, B., Jacobi, I., Jones, M.: FOAF+TLS: RESTful authentication for distributed social networks. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2009)
Stroka, S., Schaffert, S., Burger, T.: Access control in the social semantic web—extending the idea of FOAF+SSL in KiWi. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2010)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: 5th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4273, pp. 473–486. Springer, Berlin (2006)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: Proteus: a semantic context-aware adaptive policy model. In: 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 129–140. IEEE Computer Society, Los Alamitos (2007)
Toninelli, A., Corradi, A., Montanari, R.: A quality of context-aware approach to access control in pervasive environments. In: 2nd International Conference on Mobile Wireless Middleware, Operating Systems, and Applications (MOBILWARE). Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 7, pp. 236–251. Springer, Berlin (2009)
Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: An access control model for linked data. In: 7th International IFIP Workshop on Semantic Web & Web Semantics (SWWS). Lecture Notes in Computer Science, vol. 7046, pp. 454–463. Springer, Berlin (2011)
Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: Social semantic web access control. In: 4th International Workshop Social Data on the Web (SDoW), pp. 48–59. CEUR Workshop Proceedings (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Wien
About this chapter
Cite this chapter
Villata, S., Costabello, L., Gandon, F., Faron-Zucker, C., Buffa, M. (2013). Social Semantic Network-Based Access Control. In: Chbeir, R., Al Bouna, B. (eds) Security and Privacy Preserving in Social Networks. Lecture Notes in Social Networks. Springer, Vienna. https://doi.org/10.1007/978-3-7091-0894-9_6
Download citation
DOI: https://doi.org/10.1007/978-3-7091-0894-9_6
Published:
Publisher Name: Springer, Vienna
Print ISBN: 978-3-7091-0893-2
Online ISBN: 978-3-7091-0894-9
eBook Packages: Computer ScienceComputer Science (R0)